package com.wct.permission.controller;

import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.annotation.Secured;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;

@Controller
@RequestMapping("/product")
public class ProductController {

    @Secured({"ROLE_PRODUCT","ROLE_ADMIN"})
//    @RolesAllowed
    @RequestMapping("/findAll")
    public String findAll() {
//        throw new AccessDeniedException("");
        return "product-list";
    }
}
